research-article

Public Access

Lightweight Swarm Attestation: A Tale of Two LISA-s

Authors:

Xavier Carpent,

Karim ElDefrawy,

Norrathep Rattanavipanon,

Gene TsudikAuthors Info & Claims

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Pages 86 - 100

https://doi.org/10.1145/3052973.3053010

Published: 02 April 2017 Publication History

Abstract

In the last decade, Remote Attestation (RA) emerged as a distinct security service for detecting attacks on embedded devices, cyber-physical systems (CPS) and Internet of Things (IoT) devices. RA involves verification of current internal state of an untrusted remote hardware platform (prover) by a trusted entity (verifier). RA can help the latter establish a static or dynamic root of trust in the prover and can also be used to construct other security services, such as software updates and secure deletion. Various RA techniques with different assumptions, security features and complexities, have been proposed for the single-prover scenario. However, the advent of IoT brought about the paradigm of many interconnected devices, thus triggering the need for efficient collective attestation of a (possibly mobile) group or swarm of provers. Though recent work has yielded some initial concepts for swarm attestation, several key issues remain unaddressed, and practical realizations have not been explored.

This paper's main goal is to advance swarm attestation by bringing it closer to reality. To this end, it makes two contributions: (1) a new metric, called QoSA: Quality of Swarm Attestation, that captures the information offered by a swarm attestation technique; this allows comparing efficacy of multiple protocols, and (2) two practical attestation protocols -- called LISAa and LISAs -- for mobile swarms, with different QoSA features and communication and computation complexities. Security of proposed protocols is analyzed and their performance is assessed based on experiments with prototype implementations.

References

[1]

T. Abera, N. Asokan, L. Davi, F. Koushanfar, A. Paverd, A.-R. Sadeghi, and G. Tsudik. Invited: Things, trouble, trust: on building trust in IoT systems. In ACM/IEEE Design Automation Conference (DAC), 2016.

Digital Library

[2]

J. Ahrenholz. Comparison of CORE network emulation platforms. In IEEE Military Communications Conference (MILCOM), 2010.

[3]

Apple Computer, Inc. LibOrange, 2006.

[4]

N. Asokan, F. Brasser, A. Ibrahim, A.-R. Sadeghi, M. Schunter, G. Tsudik, and C. Wachsmann. SEDA: Scalable embedded device attestation. In ACM SIGSAC Conference on Computer and Communications Security (CCS), 2015.

Digital Library

[5]

M. Bellare, R. Canetti, and H. Krawczyk. Keying hash functions for message authentication. In IACR Crypto, 1996.

Digital Library

[6]

F. Brasser, B. El Mahjoub, A.-R. Sadeghi, C. Wachsmann, and P. Koeberl. TyTAN: tiny trust anchor for tiny devices. In ACM/IEEE Design Automation Conference (DAC), 2015.

Digital Library

[7]

F. Brasser, A.-R. Sadeghi, and G. Tsudik. Remote attestation for low-end embedded devices: the prover's perspective. In ACM/IEEE Design Automation Conference (DAC), 2016.

Digital Library

[8]

J. Camhi. BI Intelligence projects 34 billion devices will be connected by 2020.

[9]

K. Eldefrawy, G. Tsudik, A. Francillon, and D. Perito. SMART: Secure and minimal architecture for (establishing dynamic) root of trust. In Network and Distributed System Security Symposium (NDSS), 2012.

[10]

A. Ibrahim, A.-R. Sadeghi, G. Tsudik, and S. Zeitouni. DARPA: Device attestation resilient to physical attacks. In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2016.

Digital Library

[11]

Information technology -- Security techniques -- Message Authentication Codes (MACs) -- Part 1: Mechanisms using a block cipher. Standard, ISO.

[12]

A. Kandhalu, K. Lakshmanan, and R. R. Rajkumar. U-connect: a low-latency energy-efficient asynchronous neighbor discovery protocol. In ACM/IEEE Conference on Information Processing in Sensor Networks (IPSN), 2010.

Digital Library

[13]

P. Koeberl, S. Schulz, A.-R. Sadeghi, and V. Varadharajan. TrustLite: A security architecture for tiny embedded devices. In ACM European Conference on Computer Systems (EuroSys), 2014.

Digital Library

[14]

M. Kohvakka, J. Suhonen, M. Kuorilehto, V. Kaseva, M. Hannikainen, and T. D. Hamalainen. Energy-efficient neighbor discovery protocol for mobile wireless sensor networks. Ad Hoc Networks, 7(1):24--41, 2009.

Digital Library

[15]

B. Parno. Bootstrapping trust in a Trusted Platform. In 3rd USENIX Conference on Hot Topics in Security (HotSec), 2008.

Digital Library

[16]

D. Puri. Got milk? IoT and LoRaWAN modernize livestock monitoring.

[17]

RASPBERRY PI FOUNDATION. RASPBERRY PI 2 MODEL B, 2015.

[18]

A.-R. Sadeghi, M. Schunter, A. Ibrahim, M. Conti, and G. Neven. SANA: Secure and scalable aggregate network attestation. In ACM Conference on Computer and Communications Security (CCS), 2016.

Digital Library

[19]

E. Şahin. Swarm robotics: From sources of inspiration to domains of application. In International workshop on swarm robotics, pages 10--20. Springer, 2004.

Digital Library

[20]

D. Schellekens, B. Wyseur, and B. Preneel. Remote attestation on legacy operating systems with trusted platform modules. Science of Computer Programming, 74(1):13 -- 22, 2008.

Digital Library

[21]

A. Seshadri, M. Luk, A. Perrig, L. van Doorn, and P. Khosla. Scuba: Secure code update by attestation in sensor networks. In ACM Workshop on Wireless Security (WiSe), 2006.

Digital Library

[22]

A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla. Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems. ACM SIGOPS Operating Systems Review, December 2005.

Digital Library

[23]

A. Seshadri, A. Perrig, L. Van Doorn, and P. Khosla. SWATT: Software-based attestation for embedded devices. In IEEE Symposium on Research in Security and Privacy (S&P), 2004.

[24]

F. Stumpf, O. Tafreschi, P. Röder, and C. Eckert. A robust integrity reporting protocol for remote attestation. In Workshop on Advances in Trusted Computing (WATC), 2006.

[25]

Trusted Computing Group. Trusted platform module (tpm).

[26]

R. Waugh. Smart TV hackers are filming people having sex on their sofas.

Cited By

Yu FHuang Y(2024)SDATA: Symmetrical Device Identifier Composition Engine Complied Aggregate Trust AttestationSymmetry10.3390/sym1603031016:3(310)Online publication date: 6-Mar-2024
https://doi.org/10.3390/sym16030310
Vliegen JRabbani MHellemans WMentens N(2024)HAGAR: Hashgraph-based Aggregated Communication and Remote AttestationProceedings of the 21st ACM International Conference on Computing Frontiers: Workshops and Special Sessions10.1145/3637543.3654655(10-16)Online publication date: 7-May-2024
https://dl.acm.org/doi/10.1145/3637543.3654655
Moon EShin Y(2024)HBRA: A History-Based Remote Attestation Approach to Resolve Malicious Verifiers in IoT2024 15th International Conference on Information and Communication Technology Convergence (ICTC)10.1109/ICTC62082.2024.10827194(1562-1567)Online publication date: 16-Oct-2024
https://doi.org/10.1109/ICTC62082.2024.10827194
Show More Cited By

Index Terms

Lightweight Swarm Attestation: A Tale of Two LISA-s
1. Security and privacy

Recommendations

WISE: A Lightweight Intelligent Swarm Attestation Scheme for the Internet of Things

The Internet of Things (IoT) is shaped by increasing number of low-cost Internet-connected embedded devices that are becoming ubiquitous in every aspect of modern life, including safety- and privacy-critical application scenarios. Such devices offer ...
Verifying List Swarm Attestation Protocols
WiSec '23: Proceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Swarm attestation protocols extend remote attestation by allowing a verifier to efficiently measure the integrity of software code running on a collection of heterogeneous devices across a network. Many swarm attestation protocols have been proposed for ...
HAGAR: Hashgraph-based Aggregated Communication and Remote Attestation
CF '24 Companion: Proceedings of the 21st ACM International Conference on Computing Frontiers: Workshops and Special Sessions

Over the past decade, an exponential rise in the deployment of Internet-of-Things (IoT) devices engulfed our surroundings. IoT devices have spread into domains like personal smart devices, industrial applications, military applications, and medical ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

April 2017

952 pages

ISBN:9781450349444

DOI:10.1145/3052973

General Chairs:
Ramesh Karri
New York University, New York, USA
,
Ozgur Sinanoglu
New York University Abu Dhabi, UAE
,
Program Chairs:
Ahmad-Reza Sadeghi
Technische Universität Darmstadt, Germany
,
Xun Yi
RMIT University, Australia

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 April 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

ASIA CCS '17

Sponsor:

SIGSAC

ASIA CCS '17: ACM Asia Conference on Computer and Communications Security

April 2 - 6, 2017

Abu Dhabi, United Arab Emirates

Acceptance Rates

ASIA CCS '17 Paper Acceptance Rate 67 of 359 submissions, 19%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

53
Total Citations
View Citations
1,025
Total Downloads

Downloads (Last 12 months)222
Downloads (Last 6 weeks)37

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Yu FHuang Y(2024)SDATA: Symmetrical Device Identifier Composition Engine Complied Aggregate Trust AttestationSymmetry10.3390/sym1603031016:3(310)Online publication date: 6-Mar-2024
https://doi.org/10.3390/sym16030310
Vliegen JRabbani MHellemans WMentens N(2024)HAGAR: Hashgraph-based Aggregated Communication and Remote AttestationProceedings of the 21st ACM International Conference on Computing Frontiers: Workshops and Special Sessions10.1145/3637543.3654655(10-16)Online publication date: 7-May-2024
https://dl.acm.org/doi/10.1145/3637543.3654655
Moon EShin Y(2024)HBRA: A History-Based Remote Attestation Approach to Resolve Malicious Verifiers in IoT2024 15th International Conference on Information and Communication Technology Convergence (ICTC)10.1109/ICTC62082.2024.10827194(1562-1567)Online publication date: 16-Oct-2024
https://doi.org/10.1109/ICTC62082.2024.10827194
Gonzalez-Gomez JNassar HBauer LHenkel J(2024)LightFAt: Mitigating Control-Flow Explosion via Lightweight PMU-Based Control-Flow Attestation2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)10.1109/HOST55342.2024.10545348(222-226)Online publication date: 6-May-2024
https://doi.org/10.1109/HOST55342.2024.10545348
Petz AThomas WFritz ABarclay TSchmalz LAlexander P(2024)Verified Configuration and Deployment of Layered Attestation ManagersSoftware Engineering and Formal Methods10.1007/978-3-031-77382-2_17(290-308)Online publication date: 26-Nov-2024
https://doi.org/10.1007/978-3-031-77382-2_17
Wedaj Kibret SPaul KJ. Ribeiro V(2023)AI-Powered Security for IoT: A Blockchain Enabled Device Twin ApproachOnline Identity - An Essential Guide [Working Title]10.5772/intechopen.1003003Online publication date: 8-Dec-2023
https://doi.org/10.5772/intechopen.1003003
Li Calsi DZaccaria V(2023)Interruptible Remote Attestation of Low-end IoT Microcontrollers via Performance CountersACM Transactions on Embedded Computing Systems10.1145/361167422:5(1-19)Online publication date: 26-Sep-2023
https://dl.acm.org/doi/10.1145/3611674
Le-Papin JDongol BTreharne HWesemeyer SBoureanu ISchneider SReaves BTippenhauer N(2023)Verifying List Swarm Attestation ProtocolsProceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3558482.3581778(163-174)Online publication date: 29-May-2023
https://dl.acm.org/doi/10.1145/3558482.3581778
Makhdoom IAbolhasan MLipman JFranklin DPiccardi M(2023)I2Map: IoT Device Attestation Using Integrity Map2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom60117.2023.00258(1900-1907)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TrustCom60117.2023.00258
Cao JZhu TMa RGuo ZZhang YLi H(2023)A Software-Based Remote Attestation Scheme for Internet of Things DevicesIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.315488720:2(1422-1434)Online publication date: 1-Mar-2023
https://doi.org/10.1109/TDSC.2022.3154887
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten